void GenericAgentDiscoverContext(EvalContext *ctx, GenericAgentConfig *config) { GenericAgentSetDefaultDigest(&CF_DEFAULT_DIGEST, &CF_DEFAULT_DIGEST_LEN); GenericAgentInitialize(ctx, config); time_t t = SetReferenceTime(); UpdateTimeClasses(ctx, t); SanitizeEnvironment(); THIS_AGENT_TYPE = config->agent_type; EvalContextClassPutHard(ctx, CF_AGENTTYPES[config->agent_type], "cfe_internal,source=agent"); DetectEnvironment(ctx); EvalContextHeapPersistentLoadAll(ctx); LoadSystemConstants(ctx); if (config->agent_type == AGENT_TYPE_AGENT && config->agent_specific.agent.bootstrap_policy_server) { if (!RemoveAllExistingPolicyInInputs(GetInputDir())) { Log(LOG_LEVEL_ERR, "Error removing existing input files prior to bootstrap"); exit(EXIT_FAILURE); } if (!WriteBuiltinFailsafePolicy(GetInputDir())) { Log(LOG_LEVEL_ERR, "Error writing builtin failsafe to inputs prior to bootstrap"); exit(EXIT_FAILURE); } bool am_policy_server = false; { const char *canonified_bootstrap_policy_server = CanonifyName(config->agent_specific.agent.bootstrap_policy_server); am_policy_server = NULL != EvalContextClassGet(ctx, NULL, canonified_bootstrap_policy_server); { char policy_server_ipv4_class[CF_BUFSIZE]; snprintf(policy_server_ipv4_class, CF_MAXVARSIZE, "ipv4_%s", canonified_bootstrap_policy_server); am_policy_server |= NULL != EvalContextClassGet(ctx, NULL, policy_server_ipv4_class); } if (am_policy_server) { Log(LOG_LEVEL_INFO, "Assuming role as policy server, with policy distribution point at %s", GetMasterDir()); EvalContextClassPutHard(ctx, "am_policy_hub", "source=bootstrap"); if (!MasterfileExists(GetMasterDir())) { Log(LOG_LEVEL_ERR, "In order to bootstrap as a policy server, the file '%s/promises.cf' must exist.", GetMasterDir()); exit(EXIT_FAILURE); } } else { Log(LOG_LEVEL_INFO, "Not assuming role as policy server"); } WriteAmPolicyHubFile(CFWORKDIR, am_policy_server); } WritePolicyServerFile(GetWorkDir(), config->agent_specific.agent.bootstrap_policy_server); SetPolicyServer(ctx, config->agent_specific.agent.bootstrap_policy_server); /* FIXME: Why it is called here? Can't we move both invocations to before if? */ UpdateLastPolicyUpdateTime(ctx); Log(LOG_LEVEL_INFO, "Bootstrapping to '%s'", POLICY_SERVER); } else { char *existing_policy_server = ReadPolicyServerFile(GetWorkDir()); if (existing_policy_server) { Log(LOG_LEVEL_VERBOSE, "This agent is bootstrapped to '%s'", existing_policy_server); SetPolicyServer(ctx, existing_policy_server); free(existing_policy_server); UpdateLastPolicyUpdateTime(ctx); } else { Log(LOG_LEVEL_VERBOSE, "This agent is not bootstrapped"); return; } if (GetAmPolicyHub(GetWorkDir())) { EvalContextClassPutHard(ctx, "am_policy_hub", "source=bootstrap,deprecated,alias=policy_server"); Log(LOG_LEVEL_VERBOSE, "Additional class defined: am_policy_hub"); EvalContextClassPutHard(ctx, "policy_server", "inventory,attribute_name=CFEngine roles,source=bootstrap"); Log(LOG_LEVEL_VERBOSE, "Additional class defined: policy_server"); } } }
void GenericAgentDiscoverContext(EvalContext *ctx, GenericAgentConfig *config) { strcpy(VPREFIX, ""); Log(LOG_LEVEL_VERBOSE, " %s", NameVersion()); Banner("Initialization preamble"); GenericAgentSetDefaultDigest(&CF_DEFAULT_DIGEST, &CF_DEFAULT_DIGEST_LEN); GenericAgentInitialize(ctx, config); time_t t = SetReferenceTime(); UpdateTimeClasses(ctx, t); SanitizeEnvironment(); THIS_AGENT_TYPE = config->agent_type; LoggingSetAgentType(CF_AGENTTYPES[config->agent_type]); EvalContextClassPutHard(ctx, CF_AGENTTYPES[config->agent_type], "cfe_internal,source=agent"); DetectEnvironment(ctx); EvalContextHeapPersistentLoadAll(ctx); LoadSystemConstants(ctx); const char *bootstrap_arg = config->agent_specific.agent.bootstrap_policy_server; /* Are we bootstrapping the agent? */ if (config->agent_type == AGENT_TYPE_AGENT && bootstrap_arg != NULL) { EvalContextClassPutHard(ctx, "bootstrap_mode", "source=environment"); if (!RemoveAllExistingPolicyInInputs(GetInputDir())) { Log(LOG_LEVEL_ERR, "Error removing existing input files prior to bootstrap"); exit(EXIT_FAILURE); } if (!WriteBuiltinFailsafePolicy(GetInputDir())) { Log(LOG_LEVEL_ERR, "Error writing builtin failsafe to inputs prior to bootstrap"); exit(EXIT_FAILURE); } char canonified_ipaddr[strlen(bootstrap_arg) + 1]; StringCanonify(canonified_ipaddr, bootstrap_arg); bool am_policy_server = EvalContextClassGet(ctx, NULL, canonified_ipaddr) != NULL; if (am_policy_server) { Log(LOG_LEVEL_INFO, "Assuming role as policy server," " with policy distribution point at: %s", GetMasterDir()); MarkAsPolicyServer(ctx); if (!MasterfileExists(GetMasterDir())) { Log(LOG_LEVEL_ERR, "In order to bootstrap as a policy server," " the file '%s/promises.cf' must exist.", GetMasterDir()); exit(EXIT_FAILURE); } CheckAndSetHAState(GetWorkDir(), ctx); } else { Log(LOG_LEVEL_INFO, "Assuming role as regular client," " bootstrapping to policy server: %s", bootstrap_arg); if (config->agent_specific.agent.bootstrap_trust_server) { EvalContextClassPutHard(ctx, "trust_server", "source=agent"); Log(LOG_LEVEL_NOTICE, "Bootstrap mode: implicitly trusting server, " "use --trust-server=no if server trust is already established"); } } WriteAmPolicyHubFile(am_policy_server); WritePolicyServerFile(GetWorkDir(), bootstrap_arg); SetPolicyServer(ctx, bootstrap_arg); /* FIXME: Why it is called here? Can't we move both invocations to before if? */ UpdateLastPolicyUpdateTime(ctx); } else { char *existing_policy_server = ReadPolicyServerFile(GetWorkDir()); if (existing_policy_server) { Log(LOG_LEVEL_VERBOSE, "This agent is bootstrapped to: %s", existing_policy_server); SetPolicyServer(ctx, existing_policy_server); free(existing_policy_server); UpdateLastPolicyUpdateTime(ctx); } else { Log(LOG_LEVEL_VERBOSE, "This agent is not bootstrapped -" " can't find policy_server.dat in: %s", GetWorkDir()); return; } if (GetAmPolicyHub()) { MarkAsPolicyServer(ctx); /* Should this go in MarkAsPolicyServer() ? */ CheckAndSetHAState(GetWorkDir(), ctx); } } }
void GenericAgentDiscoverContext(EvalContext *ctx, GenericAgentConfig *config) { GenericAgentInitialize(ctx, config); SetReferenceTime(ctx, true); SetStartTime(); SanitizeEnvironment(); THIS_AGENT_TYPE = config->agent_type; EvalContextHeapAddHard(ctx, CF_AGENTTYPES[config->agent_type]); GenericAgentSetDefaultDigest(&CF_DEFAULT_DIGEST, &CF_DEFAULT_DIGEST_LEN); GetNameInfo3(ctx, config->agent_type); GetInterfacesInfo(ctx); Get3Environment(ctx, config->agent_type); BuiltinClasses(ctx); OSClasses(ctx); EvalContextHeapPersistentLoadAll(ctx); LoadSystemConstants(ctx); if (config->agent_type == AGENT_TYPE_AGENT && config->agent_specific.agent.bootstrap_policy_server) { if (!RemoveAllExistingPolicyInInputs(GetWorkDir())) { Log(LOG_LEVEL_ERR, "Error removing existing input files prior to bootstrap"); exit(EXIT_FAILURE); } if (!WriteBuiltinFailsafePolicy(GetWorkDir())) { Log(LOG_LEVEL_ERR, "Error writing builtin failsafe to inputs prior to bootstrap"); exit(EXIT_FAILURE); } bool am_policy_server = false; { const char *canonified_bootstrap_policy_server = CanonifyName(config->agent_specific.agent.bootstrap_policy_server); am_policy_server = IsDefinedClass(ctx, canonified_bootstrap_policy_server, NULL); { char policy_server_ipv4_class[CF_BUFSIZE]; snprintf(policy_server_ipv4_class, CF_MAXVARSIZE, "ipv4_%s", canonified_bootstrap_policy_server); am_policy_server |= IsDefinedClass(ctx, policy_server_ipv4_class, NULL); } if (am_policy_server) { Log(LOG_LEVEL_INFO, "Assuming role as policy server, with policy distribution point at %s/masterfiles", GetWorkDir()); EvalContextHeapAddHard(ctx, "am_policy_hub"); if (!MasterfileExists(GetWorkDir())) { Log(LOG_LEVEL_ERR, "In order to bootstrap as a policy server, the file '%s/masterfiles/promises.cf' must exist.", GetWorkDir()); exit(EXIT_FAILURE); } } else { Log(LOG_LEVEL_INFO, "Not assuming role as policy server"); } WriteAmPolicyHubFile(CFWORKDIR, am_policy_server); } WritePolicyServerFile(GetWorkDir(), config->agent_specific.agent.bootstrap_policy_server); SetPolicyServer(ctx, config->agent_specific.agent.bootstrap_policy_server); Log(LOG_LEVEL_INFO, "Bootstrapping to '%s'", POLICY_SERVER); } else { char *existing_policy_server = ReadPolicyServerFile(GetWorkDir()); if (existing_policy_server) { Log(LOG_LEVEL_VERBOSE, "This agent is bootstrapped to '%s'", existing_policy_server); } else { Log(LOG_LEVEL_VERBOSE, "This agent is not bootstrapped"); } SetPolicyServer(ctx, existing_policy_server); if (GetAmPolicyHub(GetWorkDir())) { EvalContextHeapAddHard(ctx, "am_policy_hub"); // DEPRECATED: use policy_server instead Log(LOG_LEVEL_VERBOSE, "Additional class defined: am_policy_hub"); EvalContextHeapAddHard(ctx, "policy_server"); Log(LOG_LEVEL_VERBOSE, "Additional class defined: policy_server"); } } }
void GenericInitialize(int argc,char **argv,char *agents) { enum cfagenttype ag = Agent2Type(agents); char vbuff[CF_BUFSIZE]; int ok = false; #ifdef HAVE_NOVA CF_DEFAULT_DIGEST = cf_sha256; CF_DEFAULT_DIGEST_LEN = CF_SHA256_LEN; #else CF_DEFAULT_DIGEST = cf_md5; CF_DEFAULT_DIGEST_LEN = CF_MD5_LEN; #endif InitializeGA(argc,argv); SetReferenceTime(true); SetStartTime(false); SetSignals(); SanitizeEnvironment(); strcpy(THIS_AGENT,CF_AGENTTYPES[ag]); NewClass(THIS_AGENT); THIS_AGENT_TYPE = ag; // need scope sys to set vars in expiry function SetNewScope("sys"); if (EnterpriseExpiry()) { CfOut(cf_error,"","Cfengine - autonomous configuration engine. This enterprise license is invalid.\n"); exit(1); } if (AM_NOVA) { CfOut(cf_verbose,""," -> This is CFE Nova\n"); } if (AM_CONSTELLATION) { CfOut(cf_verbose,""," -> This is CFE Constellation\n"); } NewScope("const"); NewScope("match"); NewScope("mon"); GetNameInfo3(); CfGetInterfaceInfo(ag); if (ag != cf_know) { Get3Environment(); BuiltinClasses(); OSClasses(); } LoadPersistentContext(); LoadSystemConstants(); snprintf(vbuff,CF_BUFSIZE,"control_%s",THIS_AGENT); SetNewScope(vbuff); NewScope("this"); NewScope("match"); if (BOOTSTRAP) { CheckAutoBootstrap(); } else { if (strlen(POLICY_SERVER) > 0) { CfOut(cf_verbose,""," -> Found a policy server (hub) on %s",POLICY_SERVER); } else { CfOut(cf_verbose,""," -> No policy server (hub) watch yet registered"); } } SetPolicyServer(POLICY_SERVER); if (ag != cf_keygen) { if (!MissingInputFile()) { bool check_promises = false; if (SHOWREPORTS) { check_promises = true; CfOut(cf_verbose, "", " -> Reports mode is enabled, force-validating policy"); } if (IsFileOutsideDefaultRepository(VINPUTFILE)) { check_promises = true; CfOut(cf_verbose, "", " -> Input file is outside default repository, validating it"); } if (NewPromiseProposals()) { check_promises = true; CfOut(cf_verbose, "", " -> Input file is changed since last validation, validating it"); } if (check_promises) { ok = CheckPromises(ag); if (BOOTSTRAP && !ok) { CfOut(cf_verbose, "", " -> Policy is not valid, but proceeding with bootstrap"); ok = true; } } else { CfOut(cf_verbose, "", " -> Policy is already validated"); ok = true; } } if (ok) { ReadPromises(ag,agents); } else { CfOut(cf_error,"","cf-agent was not able to get confirmation of promises from cf-promises, so going to failsafe\n"); snprintf(VINPUTFILE,CF_BUFSIZE-1,"failsafe.cf"); ReadPromises(ag,agents); } if (SHOWREPORTS) { CompilationReport(VINPUTFILE); } CheckLicenses(); } XML = 0; }